PT-2021-12851 · Acronis · Acronis True Image

Published: 2021-05-25 · Updated: 2021-05-28 · CVE-2020-9450

CVSS v3.1: 7.8 (High)

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: Acronis True Image 2020 version 24.5.22510

Description: An issue was discovered in the anti_ransomware_service.exe component, which exposes a REST API that can be accessed by all users, including unprivileged ones. This API is used for communication between the GUI and anti_ransomware_service.exe. The issue can be exploited to add malicious executables to the whitelist or exclude entire drives from being monitored by anti_ransomware_service.exe.

Recommendations: For Acronis True Image 2020 version 24.5.22510, consider restricting access to the REST API exposed by anti_ransomware_service.exe to prevent unauthorized modifications to the whitelist or drive monitoring settings. As a temporary workaround, consider disabling the API until a patch is available.

Exploit

Fix

Weakness Enumeration: Incorrect Default Permissions

Related Identifiers: CVE-2020-9450

Affected Products: Acronis True Image